AdTechTalent
Other | 19 months ago | On-site

Epsilon

Senior Associate Global Security Office

IT Risk Analysis, Security Assessment, SOC audits, NIST CSF, SSAE 18, PCI, ISO 27001, Information Security, Compliance, IT controls, Risk Management

Key details

Salary

Not specified

Employment type

Full-time

Seniority

Mid-level

Years experience

3-5

Location

Worldwide

Full job description

Perform IT Risk Analysis and Security Assessment. Conduct meetings with stakeholders. Manage third-party SOC audits and drive compliance throughout the year. Ensure compliance with frameworks such as NIST CSF, SSAE 18 SOC 1,2,3, PCI, ISO 27001 and internal policies. Prepare reports for management. Develop project plans and track audit deliverables. Identify, evaluate, investigate, and resolve compliance issues. Provide consultative services on controls for regulatory compliance. Conduct periodic reviews of Information Security risk and update policies and procedures. Execute security service strategy improvements. Requires strong knowledge of technology, regulations, information security, IT controls, and risk mitigation. IT graduates preferred.

What you'll do

  • Perform IT Risk Analysis and Security Assessment
  • Conduct kickoff, status, and closing meetings with stakeholders
  • Manage third-party SOC audits as the key liaison for the organization, driving compliance throughout the year and managing the audit with the organization’s third-party auditor
  • Drive compliance across frameworks (e.g. NIST CSF, SSAE 18 SOC 1, 2, 3, PCI, ISO 27001, etc.) as well as internal policies and procedures
  • Assist in preparing reports to present to management
  • Develop project plans, tracking, and reporting, as well as drive stakeholders to completion for audit deliverables
  • Perform miscellaneous job-related duties as assigned
  • Ensure compliance issues are correctly identified, evaluated, investigated and resolved
  • Provide consultative services to business areas on the appropriate controls needed to ensure ongoing regulatory compliance
  • Conduct periodic reviews of Information Security risk within the policies, procedures and frameworks to identify opportunities for continuous improvement and ensure that the content remains accurate and current
  • Execute plans or roadmaps for proposed improvements to the security service strategy

Requirements

  • Strong experience and detailed understanding of technology, regulations, and information security or compliance management best practices
  • Ability to evaluate and recommend preventative and corrective controls to mitigate risk to the organization
  • Understanding of various components of an information security program
  • Technical aptitude, with the ability to communicate effectively and a working knowledge of all areas of IT controls
  • IT graduates

Tech stack

NIST CSF, SSAE 18 SOC 1, SSAE 18 SOC 2, SSAE 18 SOC 3, PCI, ISO 27001, IT controls, Information Security
